<?php

/*
 * This file will perform the ajax for creating a position.
 * This is being used by admCreatePos.php.
 * 
 * Created by: Peter Agno Jr.
 * Date created: November 27, 2011
 * 
 * In parameters: positionId and positionName
 * Out parameters: flag and msg about the success of creation of position
 */

//********************************************************************************************************
/*
 * Define the functions in here
 */
    // Start - Check if the positionId is existing
    function idNotExist($positionId) {
        $query =
            "
                SELECT *
                FROM Position
                WHERE positionId = '$positionId'
            ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        
        if ( mysql_num_rows($result) == 0 ) {
            return true;
        }
        else {
            return false;
        }
    } // End - Check if the positionId is existing
    
    // Start - Insert data in Position
    function createPos($positionId, $positionName) {
        $query =
            "
                INSERT INTO Position (positionId, positionName, positionLastUpdated) VALUES
                    ('$positionId', '$positionName', NULL);
            ";

        mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    } // End - Insert data in Position
    
    // Start - Insert data in Department_Position
    function createDeptPos($positionId, $deptIds) {
        foreach ($deptIds as $deptId) {
            $query =
            "
                INSERT INTO Department_Position (positionId, departmentId) VALUES
                    ('$positionId', '$deptId');
            ";

            mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        }
    } // End - Insert data in Department_Position
    
    // Start - Insert data in Dept_Pos_SecurityGroup
    function createDeptPosSecGrp($positionId, $deptIds, $secGrpIds) {
        // for each department, put the security group
        foreach ($deptIds as $deptId) {
            // Get deptPosId
            $query =
                "
                    SELECT *
                    FROM Department_Position
                    WHERE departmentId = '$deptId' AND positionId = '$positionId'
                ";
            $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
            $row = mysql_fetch_array($result);
            $deptPosId = $row['deptPosId'];
            foreach ($secGrpIds as $secGrpId) {
                $query =
                "
                    INSERT INTO Dept_Pos_SecurityGroup (deptPosId, securityGroupId) VALUES
                        ('$deptPosId', '$secGrpId');
                ";

                mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
            }
        }
    } // End - Insert data in Dept_Pos_SecurityGroup
    
//********************************************************************************************************

session_start();

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) {
    include('../includes/siteConfig.php');
    
    $deptIds = array();
    $secGrpIds = array();
    
    // connect to database
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');
    
    // Get the data from post
    $positionId = $_POST['positionId'];
    $positionName = $_POST['positionName'];
    
    // Check if the positionId is existing
    if ( idNotExist($positionId) == true ) {
            createPos($positionId, $positionName);  // Create data in Position table
            
            $jsondata = array();
            $jsondata['msg'] = $positionName . " position was successfully created.";
            $jsondata['flag'] = "success";
            $feed[] = $jsondata;
            echo json_encode($feed);
    }
    else {
        $jsondata = array();
        $jsondata['msg'] = "Error : Position Id already exists.";
        $jsondata['flag'] = "error";
        $feed[] = $jsondata;
        echo json_encode($feed);
    }
    
    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
    echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>
